Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/phF7sJoRrMbUnYBYHUkYprNblUA.roa
File: phF7sJoRrMbUnYBYHUkYprNblUA.roa (raw, json)
Hash identifier: xaSfTmzEYvxTrC92VGdVyvLmIdM1MCqk+FK2lOtNY7Y=
Subject key identifier: A6:11:7B:B0:9A:11:AC:C6:D4:9D:80:58:1D:49:18:A6:B3:5B:95:40
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BA803638C05DF0AE71D3A6815DF22A4D8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/phF7sJoRrMbUnYBYHUkYprNblUA.roa
Signing time: Tue 07 Nov 2023 04:21:16 +0000
ROA not before: Tue 07 Nov 2023 04:21:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 194.87.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:03:63:8c:05:df:0a:e7:1d:3a:68:15:df:22:a4:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 7 04:21:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6117bb09a11acc6d49d80581d4918a6b35b9540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:45:7f:ae:ff:86:7a:d6:fa:73:89:21:3f:88:
25:ff:35:ee:e6:f1:47:f5:76:b3:c5:0f:93:45:4b:
75:e8:3a:7d:af:fc:ed:92:24:92:9e:f2:89:63:3e:
9e:d2:64:6a:ce:45:a9:03:95:70:41:38:fe:44:50:
e9:2a:a6:3f:41:7a:3e:21:dd:33:25:f8:67:b0:fe:
99:83:fa:d6:a4:9a:3e:d0:a5:84:68:64:53:41:59:
bf:6d:68:2c:35:07:9c:75:11:01:6a:d6:c2:e5:62:
3d:60:ad:fd:0c:dc:3a:6f:9d:74:07:63:fa:13:dd:
a1:c7:9c:f8:ce:2f:66:21:c5:c5:84:f8:97:25:62:
3e:78:c5:80:df:8f:b7:64:0d:dd:c8:45:b4:6d:3c:
0f:b1:b2:5c:89:e1:ad:6b:b4:87:b2:05:69:81:fc:
de:38:50:62:a6:3d:35:3b:fe:4a:5e:1f:87:a2:69:
5b:3d:17:af:8f:18:1e:ff:00:9d:85:81:91:e5:89:
8f:80:51:ee:3f:db:b7:38:10:86:d2:ac:33:bf:03:
2e:47:07:a2:b2:7d:62:1d:b5:50:4f:b7:bb:51:43:
8d:aa:d9:13:51:27:02:64:fd:43:f0:eb:59:8d:ef:
74:b2:30:5c:e8:c6:b6:55:11:a4:12:98:ac:66:69:
ce:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:11:7B:B0:9A:11:AC:C6:D4:9D:80:58:1D:49:18:A6:B3:5B:95:40
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/phF7sJoRrMbUnYBYHUkYprNblUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.198.0/24
Signature Algorithm: sha256WithRSAEncryption
56:c7:50:7d:bd:18:c1:16:5b:de:92:0e:3d:68:b4:2c:0f:e8:
5d:bd:61:b5:78:f4:7e:63:63:44:36:f7:76:b5:a2:2d:36:95:
9d:1f:f1:d8:97:01:ff:cd:9b:d4:39:3b:db:40:2a:f5:f4:1a:
19:f2:b1:52:96:b1:43:24:18:0d:8a:8d:53:cf:8c:92:a7:0b:
4f:2d:aa:b9:d5:af:d0:62:7b:d3:d0:c5:77:87:36:a3:2b:65:
69:1d:22:25:1c:b4:a7:a8:21:db:3d:e3:b3:4d:50:be:ca:3f:
ae:4e:67:72:11:13:f0:c3:40:67:76:fc:39:ec:4c:a4:c0:83:
77:bb:94:63:95:5f:db:62:99:75:7b:60:62:b1:ae:fe:0a:81:
5d:0a:89:39:20:4d:17:15:56:cf:18:9c:dd:67:21:cc:ab:38:
ef:39:c4:12:a0:31:dc:2f:c9:96:73:76:fe:cb:57:47:1b:26:
71:1a:7d:34:a1:7a:05:18:43:cc:a3:34:63:88:e1:05:fe:f4:
fb:77:07:8a:f1:db:b1:e2:47:5a:bc:9c:4c:a5:c5:b4:72:1c:
de:19:91:ee:5e:55:72:23:33:e1:2b:9d:79:6d:cd:51:92:c0:
41:7d:e4:06:3c:ff:19:8b:84:49:32:6d:b2:b4:45:b1:1d:fb:
16:51:20:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuoA2OMBd8K5x06aBXfIqTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTA3MDQyMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjExN2JiMDlhMTFhY2M2ZDQ5ZDgwNTgxZDQ5MThhNmIzNWI5NTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0V/rv+Getb6c4khP4gl/zXu5vFH
9XazxQ+TRUt16Dp9r/ztkiSSnvKJYz6e0mRqzkWpA5VwQTj+RFDpKqY/QXo+Id0z
JfhnsP6Zg/rWpJo+0KWEaGRTQVm/bWgsNQecdREBatbC5WI9YK39DNw6b510B2P6
E92hx5z4zi9mIcXFhPiXJWI+eMWA34+3ZA3dyEW0bTwPsbJcieGta7SHsgVpgfze
OFBipj01O/5KXh+HomlbPRevjxge/wCdhYGR5YmPgFHuP9u3OBCG0qwzvwMuRwei
sn1iHbVQT7e7UUONqtkTUScCZP1D8OtZje90sjBc6Ma2VRGkEpisZmnOVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKYRe7CaEazG1J2AWB1JGKazW5VAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcGhGN3NKb1JyTWJVbllCWUhVa1lwck5ibFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlfGMA0G
CSqGSIb3DQEBCwUAA4IBAQBWx1B9vRjBFlvekg49aLQsD+hdvWG1ePR+Y2NENvd2
taItNpWdH/HYlwH/zZvUOTvbQCr19BoZ8rFSlrFDJBgNio1Tz4ySpwtPLaq51a/Q
YnvT0MV3hzajK2VpHSIlHLSnqCHbPeOzTVC+yj+uTmdyERPww0Bndvw57EykwIN3
u5RjlV/bYpl1e2Bisa7+CoFdCok5IE0XFVbPGJzdZyHMqzjvOcQSoDHcL8mWc3b+
y1dHGyZxGn00oXoFGEPMozRjiOEF/vT7dweK8dux4kdavJxMpcW0chzeGZHuXlVy
IzPhK515bc1RksBBfeQGPP8Zi4RJMm2ytEWxHfsWUSCQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:19 2024 by rpki-client on console-ams.rpki-client.org